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CLAIMS 

1 LA computer system for protecting electronic documents, comprising: 

2 a repository for storing an electronic document having a dociunent attribute; 

3 an access layer used by an accessor to access at least one portion of the electronic 

4 document, the accessor having an accessor attribute; 

5 a rule set; and 

6 an expert system operable to determine an access behavior with regards to the at least 

7 one portion by evaluating rules of the rule set with reference at least to the dociunent attribute 

8 and the accessor attribute when the accessor tries to access the at least one portion using the 

9 access layer. 

1 2. The computer system of claim 1, where the rule set is stored in a knowledge base and the 

2 access behavior is defined in the knowledge base. 

1 3. The computer system of claim 1, where the expert system retums the access behavior to 

2 the access layer to control the access of the accessor. 

1 4. The computer system of claim 1, where the rule set has a rule that uses the accessor 

2 attribute and the document attribute to assert a condition on the basis of a value of the 

3 accessor attribute and a value of the document attribute. 

1 5. The computer system of claim 1, where the access layer leams about the document 

2 attribute of the document by using a generic interface. 

1 6. The computer system of claim 5, where the expert system retrieves structure meta data of 

2 the document that describes the structure of the document. 

1 7. The computer system of claim 6, where the structure meta data indicates that the at least 

2 one portion is an inner sub-portion of an outer portion of the document and the access layer 

3 allows the accessor to access the inner sub-portion but prevents the accessor firom accessing 

4 the outer portion. 
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1 8. The computer system of claim 6, where the structure meta data has at least one structure 

2 element that is associated with a key that influences the access behavior for the at least one 

3 structure element. 

1 9. The computer system of claim 1, where a framework generates a runtime representation 

2 of the document that references the document and reflects the access behavior with respect to 

3 the accessor. 

1 10. The computer system of claim 1, where at least one of: 

2 the document attribute comprises at least one of document type, document structure 

3 information, document meta data, document relationship information, and document access 

4 behavior; 

5 the accessor attribute comprises at least one of user role, user group, process type, and 

6 application type; 

7 the access behavior comprises at least one of hidden, protected, read, modify, delete, 

8 create, print, copy, transport, archive, and custom access behavior; and 

9 the accessor comprises at least one of user, appUcation, and process. 

1 11. The computer system of claim 1 , where a change of the rule set affects substantially 

2 simultaneously the access behavior to the at least one portion without the need to change the 

3 document or the accessor. 
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1 12. A method for controlling access to electronic documents, comprising: 

2 receiving a request of an accessor to access at least one portion of an electronic 

3 document stored in a repository, with the electronic document having a document attribute 

4 and the accessor having an accessor attribute; 

5 requesting authorization information from an expert system with regards to the 

6 authorization of the accessor to the at least one portion; 

7 receiving from the expert system the authorization information including an access 

8 behavior with regards to the at least one portion, where the access behavior is determined by 

9 applying rules of a rule set to data comprising at least the document attribute and the accessor 

10 attribute; and 

11 granting the accessor access to the at least one portion according to the access 

12 behavior. 

1 13. The method of claim 12, where the access behavior is defined in a knowledge base and 

2 the rule set is stored in the knowledge base. 

1 14. The method of claim 12, where the rule set has a rule that uses the accessor attribute and 

2 the document attribute to assert a condition on the basis of a value of the accessor attribute 

3 and a value of the document attribute. 

1 15. The method of claim 12, fiirther comprising: 

2 generating a runtime representation of the document that references the document and 

3 reflects the access behavior with respect to the accessor. 

1 16. The method of claim 15, further comprising: 

2 receiving an event from at least one of the document and the runtime representation, 

3 where the event is triggered by a change of the document; 

4 causing the expert system to determine an updated access behavior in accordance 

5 with the change; and 

6 notifying at least one of the document and the runtime representation about the 

7 updated access behavior. 
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17. The method of claim 12, further comprising: 

retrieving structure meta data of the document that describes the structure of the 
document. 

18. The method of claim 17, where the structure meta data indicates that the at least one 
portion is an inner sub-portion of an outer portion of the document, and where the granting 
the accessor access further comprises: 

allowing the accessor to access the inner sub-portion; and 
preventing the accessor from accessing the outer portion. 

19. The method of claim 12, where the access behavior comprises at least one of hidden, 
protected, read, modify, delete, create, print, copy, transport, archive, and custom access 
behavior. 

20. The method of claim 12, further comprising: 

changing the rule set and affecting substantially simultaneously the access behavior to 
the at least one portion without the need to change the document or the accessor. 
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1 2 1 . A computer program product, tangibly embodied on an information carrier, comprising 

2 instructions operable to cause data processing apparatus to: 

3 receive a request of an accessor to access at least one portion of an electronic 

4 document stored in a repository, with the electronic document having a document attribute 

5 and the accessor having an accessor attribute; 

6 request authorization information from an expert system with regards to the 

7 authorization of the accessor to the at least one portion; 

8 receive from the expert system the authorization information including an access 

9 behavior with regards to the at least one portion, where the access behavior is determined by 

10 applying rules of a rule set to data comprising at least the document attribute and the accessor 

11 attribute; and 

12 grant the accessor access to the at least one portion according to the access behavior. 

1 22. The product of claim 21, where access to the at least one portion of the electronic 

2 document is provided only through an access layer comprising the instructions to receive a 

3 request, request authorization, receive from the expert system authorization information, and 

4 grant the accessor access. 

1 23. The product of claim 21, where the access behavior is defined in a knowledge base and 

2 the rule set is stored in the knowledge base. 

1 24. The product of claim 2 1 , where the rule set has a rule that uses the accessor attribute and 

2 the document attribute to assert a condition on the basis of a value of the accessor attribute 

3 and a value of the document attribute. 

1 25. The product of claim 21, further comprising instructions to: 

2 generate a runtime representation of the document that references the document and 

3 reflects the access behavior with respect to the accessor. 
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1 26. The product of claim 25, further comprising instructions to: 

2 receive an event from at least one of the docimient and the runtime representation, 

3 where the event is triggered by a change of the document; 

4 cause the expert system to determine an updated access behavior in accordance with 

5 the change; and 

6 notify at least one of the document and the runtime representation about the updated 

7 access behavior. 

1 27. The product of claim 21, further comprising instructions to: 

2 retrieve structure meta data of the document that describes the structure of the 

3 document. 

1 28. The product of claim 27, where the structure meta data indicates that the at least one 

2 portion is an inner sub-portion of an outer portion of the document, and where the granting 

3 the accessor access further comprises: 

4 allowing the accessor to access the inner sub-portion; and 

5 preventing the accessor from accessing the outer portion. 

1 29. The product of claim 21, where the access behavior comprises at least one of hidden, 

2 protected, read, modify, delete, create, print, copy, transport, archive, and custom access 

3 behavior. 

1 30. The product of claim 21, further comprising instructions to: 

2 change the rule set and affecting substantially simultaneously the access behavior to 

3 the at least one portion without the need to change the document or the accessor. 
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